Hackers Have Successfully Hidden Malware In Popular PC Cleanup Tool

CCleaner v5.33

Between August 15 and September 12, 2.27 million users downloaded CCleaner, which is distributed by Avast, which contained a "multistage malware payload", hidden on top of CCleaner installation.

CCleaner is available as free or paid for subscription and both versions are said to have been affected by the breach.

If you are the regular user of CCleaner and downloaded the recent update on your computer, you are at a risk.

Paul Yung, Piriform's Vice President of Products, has tried to play down the attack.

One of the easiest ways to find out if you're infected by CCLeaner malware is to check your registry.

Avast said that although CCleaner has had over 2 billion installs to date, with 5 million new installs each week, a far smaller number of users was affected. It is also important to note that while previous versions of the CCleaner installer are now still available on the download server, the version containing the malicious payloads has been removed and is no longer available.




Data transmitted to the attacker's server included the computer's name, IP address, a list of installed software, a list of active software, and a list of network adapters.

Updated versions of CCleaner and CCleaner Cloud have since been released; users of the former should download version 5.34 of CCleaner if they've not already done so, while CCleaner Cloud customers will have already received the update to 1.07.3214. The infected version of the software was released on August 15, meaning that millions of users are potentially at risk.

Piriform's Yung said only Windows users appeared to have been affected, but he didn't estimate how many had downloaded the infected installers. "Piriform believes that these users are safe now as its investigation indicates it was able to disarm the threat before it was able to do any harm", an Avast spokesperson said. More often than not we are hearing about ransomware, malware, data breaches, etc.

You can download version 5.34 of CCleaner here. Hackers added a backdoor code to be used for additional malware uploads at a later date.

Piriform is moving all current CCleaner v5.33.6162 owners to the latest v5.34 and beaming out an update to CCleaner Cloud version 1.07.3191 users.

Talos researcher Craig Williams told the Reuters news agency the attack had been "sophisticated" because it had targeted a trusted server and sought to make the booby-trapped version look legitimate.

Related news:

Hot News

isis-killer-beheading-video-story-top No Looking Back on Deporting Rohingyas: Indian Government Tells Apex Court
Sep 19, 2017 - 01:02
As the Myanmar government does not recognise the Rohingyas as its citizens, in general, it will be hard for India to deport them. It is submitted that this obligation is binding only in respect of the States which are parties to the Convention.

isis-killer-beheading-video-story-top Senate GOP musters final push to erase Obama health care law
Sep 19, 2017 - 01:00
McCain spokeswoman Julie Tarallo said the senator is continuing to "review" the text Cassidy introduced last week . As a result, it will redistribute a lot of money from the 31 expansion states to the 19 non-expansion states.

isis-killer-beheading-video-story-top Clemson moves up to No. 2 behind Alabama
Sep 19, 2017 - 00:58
Vanderbilt , which beat a ranked K-State team on Saturday night, is not ranked despite having three wins. The top 5 in both polls is the same, starting with Alabama , Clemson , Oklahoma, Penn State and USC.

isis-killer-beheading-video-story-top Narendra Modi, Tendulkar congratulates PV Sindhu over Koren Open Super Series win
Sep 18, 2017 - 00:44
The match which went into the final set saw Sindhu take the opening set 21-19 after leading 11-9 at the break. And then, there was absolutely nothing to separate the two gladiators at the World Championships last month.

isis-killer-beheading-video-story-top New boss, same old story for Crystal Palace
Sep 18, 2017 - 00:36
It is fair to say that Crystal Palace have endured a dismal start to the season. What we can question are the decisions he makes in-game.

isis-killer-beheading-video-story-top Federal Court Says Trump Administration Can't Deny Funds To Sanctuary Cities
Sep 17, 2017 - 00:58
The ruling further frustrates an administration mired in litigation over immigration policy since Trump took office in January. The Trump administration, on the other hand, has accused sanctuary cities of putting politics over public safety.

Aguero scores hat-trick as Man City run riot
Sep 17, 2017 - 00:54
Watford had kept three consecutive clean sheets in the league under new manager Marco Silva, but couldn't contain City's attack. Sterling than completed the rout, slamming home an 88th-minute penalty after he was brought down in the box by Kabasele.

isis-killer-beheading-video-story-top United Nations Security Council condemns highly provocative North Korea missile launch
Sep 17, 2017 - 00:54
Dictator Kim Jong-un has repeatedly threatened to attack both Guam and Japan with missiles, possibly using nuclear warheads. While U.S. officials say they prefer a diplomatic solution to this nuclear standoff, military force is also an option.

isis-killer-beheading-video-story-top USA urges Iraqi Kurdish region to call off independence referendum
Sep 17, 2017 - 00:50
In recent years, there have been tensions between Baghdad and Kurdistan over power-sharing, oil revenues and territorial disputes. While Baghdad recognizes Kurdistan's autonomy, the precise boundary between the region and the rest of Iraq is unclear.

isis-killer-beheading-video-story-top What Time Does the Canelo-Golovkin Fight Start?
Sep 17, 2017 - 00:42
While tenaciously walking down opponents, Golovkin also demonstrates great technical skills and punching accuracy. Alvarez's only defeat came in 2013 against Floyd Mayweather , who was too fast and smart for him.

isis-killer-beheading-video-story-top Kaspersky Lab rejects claims of Russian influence
Sep 16, 2017 - 01:07
Jeanne Shaheen of New Hampshire has push legislation that would ban the company's products governmentwide. Kaspersky products will now be withdrawn from stores and the firm's website.

isis-killer-beheading-video-story-top Liverpool need to be patient with Jurgen Klopp, says Paul Merson
Sep 16, 2017 - 00:58
Jurgen Klopp believes Alex Oxalde-Chamberlain is one of three players who could replace the suspended Sadio Mane against Burnley on Saturday.

isis-killer-beheading-video-story-top Vince McMahon Apparently Refused Medical Attention After His Beatdown Last Night
Sep 14, 2017 - 01:14
As good as a heel Owens has become, Hogan thinks he could be a great good guy. During a segment with Kevin Owens, The Chairman Of The Board got demolished.

isis-killer-beheading-video-story-top Senate rejects bipartisan push for new U.S. war authorization
Sep 14, 2017 - 01:13
Jeff Flake of Arizona to draft a new war authorization, says he's likely to back Paul's amendment. In addition to Mike Lee (R-Utah) and Tim Kaine (D-Va .), Paul's effort had the backing of Sen.

isis-killer-beheading-video-story-top Trump's Voter Fraud Panel Unlikely to Recommend Reforms
Sep 14, 2017 - 01:08
The specter of " voter fraud " has served as the Republican boogeyman for any election result that the party simply doesn't like. To be clear, there is no proof of widespread illegal voting or voter fraud in the 2016 election - or in any American election.